I will demand more money from people in the dark web

Loads of bug bounties are getting flooded with AI slop reports these days

yeah curl ended their hackerone program

Mentioning dark web have you been there?

like if i go back to hacking im not gonna be ethical; ethical is a last resort

Never know this way

lol

not really for much; just pirating some courses about ..............starting some business? I didn't even watch it

and like one forum where i thought i could learn something but i didnt.

there's no education on the dark web.

Only crimes

Its so fucking sad that a bbp was shutdown cos of too many AI submissions

damn

Not true I learned a lot about PGP on the darkweb

i didn't know that

I'll have to pick your brain on some links for learning stuff oneday not today though

yeah like now what if someone actually finds a real curl vuln?

Im sure theres some channels you go through but 💀

This happens if you blindly trust it

what do you guys do when you just cant study???

gaming

Can't get BB, could always sell to nation states.

Some bounties require a certain reputation before you can participate. It might get to the point you need certification or some other qualifier to participate

fr

no like but you know you gitta study and you still dont

skill issue

?

Just go do vdp

Get experience

lol

No pay but you know you can know how these security works

more bb hopefuls should be doing that anyways

get some CVEs

#banmadf0x ?

omfg

how difficult is that

Sometimes you have to realise that if you don't do it, you won't get it. Besides, motivation only happens after the work is done

been working on that 🙂 unfortunately the stuff I e gotten so far has been too lame to submit. But the learning experience has been a blast so far

oh

One thing Ive learned so far is that almost every file parser out there has dozens/hundred of DoS bugs lmao

if i dont get a job this year im actually jumping from a building

hope it has suislide nets

Schedule some time that you tell yourself you need to be in Academy, or doing boxes or reading books or documentation... start with something easy, like reading a page of an Academy module. Next time make it 2 pages. Doing 2 pages a day until you get your groove then upping it to 3 pages... Or else do 2-3 hours a day. And take notes as you go. And read your notes

depends lol

i got 2 this year so far

bet boss

wtf how

year just started

Ive never had issues when it comes to studying security stuff related in terms of motivation or whatever. Its always been strictly having the actual time for it or not. Setting an actual schedule has been huge

ive been studying it for like straight 8 months and now im getting into bug hunting i cant find anything so im jus thinking to move on and focus on oscp

8 months...

bro i dont think you want this enough

Try the CPTS. Lots of people have apparently found OSCP fairly manageable after doing it. But you do need goals, ambitions, consistent practice

CPTS is much harder than OSCP.

cpts is leagues above oscp

by a magnitude of 3 at least

if you fail oscp after passing cpts its cause you cheated on cpts

yes im going to study fir oscp from the cpts path

Yep, that's why there's so many reports of CPTS takers going over there and having the exam+report submitted in a working day

finding vulns

ive been trying ti find a cve from the last 2 months

bug bounty and appsec vuln research tend to be very different beasts

which target and like what do you focus on when huntinh

i wont tell

anything methodology wise thats been fun? Ive been experimenting alternating between fuzzing and static stuff like custom semgrep rules

one trust me gang one day ill find 0day in htb

its certainly possible

why?

highly doubt that

do you use hackerone or bugcrowd

i want one

i wont report it😈😈

neither, bug bounty is an AI field now unless you have written an amazing fuzzer over the past few years like frost

I dont think htb ever fixed the problem I found lul I bring it up again every year and its always 'oops! well get on that!'

crazy flex

not really

Motivation is a lie, just gotta have discipline, and being disciplined is a lie cos noone ever masters discipline, they simply practice it until they dont one way or another.

ban pls

well i have mayb 6 more CVEs in the pipeline

nice

oh my god

damn

As I said, you have to just do the work

yes man ill start doing it

what do you use hackerone or bugcrowd

or something else

hopeless

multiple

Yeah ever since xbow every skid in BBP tryna get CVEs and cash outs on LLM hallucinations

what’s the program that youve got the most cves

i wont tell lol

oh

thats crazy

youre the devil

Ive used llm support while hunting and its hilarious just how eager it is to make up shit.

Useful tool but you gotta be aggressive about validating stuff

its NDA

liar

im exhaustead trying to help new people, they are all motivated by money and dont want to learn anything

i dint want money

dont

yes you do

im here for fun

i just want cve

i dont want money

in 8 months youve made no reasonable progress, so how much fun could you possibly be having? if you wanted fun youd do ctf's

LLMs are only really useful when you very specifically direct it, otherwise it hallucinates and just gives a really broad answer that may make sense but is complete bs

i just want to make the internet safer

i was studying about web application the last 8 months during that time i also got ejpt

😂😂😂😂

getting a rando cve is easy. getting an interesting cve is hard

why would you laugh at that

Bro, i will stop answering you from now on

sorry gang forgive and forget

You know at least he's trying, especially knowing how dangerous the internet is now.

I just do this shi for fun

also calling me a liar for now reason

Now I feel tempted to make a joke.

you’re gatekeeping wtf

Go for it

it's NDA buddy

It's not gatekeeping if you can't locate the gate

if someone has malicious intentions they should be gate kept

ight twin i belive you

i'm defo not your twin

and i'm glad about that

No it's not appropriate for general. I'll get automodded most likely . Its a "your mom" joke

??

i will just block you and enjoy life again

There are several private bbps, they're invite only and under NDA

man hold on we can do some malicious things

@unkempt cradle you are the red square

rn i was looking at vdp called revive adserver

I Like to think Im the spongebob just sitting there

?

this image is an iq test

personally Im way more interested in different methodologies than what is the most profitable bounty program

ive 140

Receipts or it aint true

this is against the server rules

💔

I don't know what I'm looking at, but I feel like that scene from quantum leap

if that were true you would be employed in this field by 8 months

Find the brain big enough to have its own gravity hilarious

biggest cap of 20206

i graduated 3 months ago

from kindergarte

😂😂😂

we hace a clown here

yes, you

stand up comedian

Bro found a mirror

👏🏿👏🏿👏🏿👏🏿

comedians 👏🏿👏🏿👏🏿👏🏿

I'm tired

Hello Tired I'm W1ld

I dont understand the image but I keep changing my mind about where Id place myself on it

Struggling to find meaning and inspiration so I think I'll play final fantasy and try not to think for a bit

Or some Expedition.

https://giphy.com/gifs/everyone-word-sharing-13V60VgE2ED7oc

https://tenor.com/view/cloud-strife-cloud-strife-monkey-ac-cloud-cloud-monkey-ff7-gif-4686092036016337820

https://giphy.com/gifs/surprise-zoom-in-wide-eyes-7nJXSoz6CHQlSvWoZX

I stand corrected. Final Fantasy sounds nice

Hehe

i also recommend you to not mess with staff

omg

my fault

forgot you were a staff

forgive and forget twin

just stop ok

nobody is going to want to work with you let alone help you if you talk like a dipshit man

free advice

what im being fr

if I had to guess where Id be on the image this is what Id put

i literally apologised

I want top right but aint there yet

this is so fascinating that you created a path like that

i don't care if you want to apologize or not

i won't accept it anyways

@sharp shuttle long time no see

damn

it felt most appropriate

stop talking like a gen alpha kid

@sharp shuttle long time my man

ight man

but I could be utterly wrong due to misinterpreting

all of life should be a path though

the fr shit was funny at first, but i realized its you guys being unable to properly communicate

not just with spoken words but expression

but yeah hopefully i will receive the next 7-8 CVEs in the following weeks

i dont want to decode the english language, just speak english

I'm just killing time until my exam is graded

CDSA?

Yessir

nice

I turned it in last Thursday

i bet you'll pass

Ty

wassup with the beef broskies

😂

The SOC analyst finally did the defensive cert?

Har har

Bro been in the industry longer than the cert existed and still only did it now

i hope i get 10 CVEs in total in february

sadge that they only gave credits to you @austere sigil

on the one we basically have together

good luck

get 20

10 would be great

start small

i want to get at least one this year

i have 8 more reprots in traige

i could get 10 CVEs with this

that would be amazing

i let you know

@austere sinew

night ping

throw a dog a bone here

@sturdy thistle

about to detect UFOs with this big ass antenna

this is an absolutely massive antenna

in fact too big of an antenna

that's what she said

what frequencies?

Tell the mothership I said yo!

https://tenor.com/view/yeeclaw-gif-756696691625442780

time to go to bed

I reported leaked creds in a repo and the dev acknowledged that they were legit creds and it was an accident. Instead of just simply removing, they created a github issue to ask a linked AI to remove the creds

😂

that's gold

So you didn't talk to the dev... you talked to the guy who prompted the AI dev

https://tenor.com/view/blinking-eyes-white-guy-blinking-meme-what-huh-gif-26334323

my honest reaction

I already knew the app was vibecoded but somehow I didnt think they would go that far to edit a config.json file

Or. Md files

censoring has nothing secret but did anyways to minimize outting the actual repo

😂

And the worst part is this is why RAM is $1000

It's nuts allegedly as low as 80MHz and as high as 1.2GHz

can confirm it immediately picked up all planes in the sky through concrete

is that reciver?

is there any like replays of the weekly cube talks?

Spotify

yup its called a portapack H4M

I havent yet, but this thing kinda has that in it already but definitely not high quality maps lol

its like a mediocre 2000s garmin map

Any support team that I can contact here

Nope, contact support on the site, yes you'll probably have to wait til Monday, support need a break too

Hi 👋

Welcome

Good morrow

Cool logo

sadly they haverent posted the recent ones

Is it possible to see something from one device to another over Wi-Fi?

yeah

or like wdym?

CactusCon? Have fun!

How is “wdym”

what do you mean?

I'm referring to interference in the Wi-Fi that causes a retransmission.

yes thats typically how a deauth works. it forces a resync packet, which grabs the password hash

Sorry for not wiring fast my English is low

i mean is it worth it? unless they have a fake password or sll strip n u force the victim to connect to http?

So, can a person with little cyber protection be monitored without their knowledge? So, as a person, you can prevent that.

i doubt it i mean i always used randomized passwords, and always check if im connect via https

You are always be monitored, even if you think what you are doing is private you are mistaken

If you're on the internet your traffic is 100% being logged, but these days end to end encryption is on everything so it'll be hard for them to read the actual traffic.

Oh cool. So, despite everything, a person with low security can still be protected?

From idiots, yes

99.99% of the entire world, low security is enough

lets be accurate

what is realistically low security?

A phone without a password

You're more likely to be hacked through having your password in a data breach than people actually reading your network traffic

i feel like only old people do that low

lol**

...yes

The majority of people are old

You speaking from experience?

Im speaking from declining birth rates

Oh God people really have to start procreating

or its the incline of plan b 😭

As a region gets access to the internet the birth rate plummets

you can speculate all you want why, this is just the truth

Availability of online order birth control?

Like I said, you can speculate.

There are thousands of reasons

In b4 a government pays a birth control company to distribute defective products

I think its funny you think its birth control and not the copious amounts of estrogenics and carcinogenic ecologic devastation

That's good reasoning. But did you know it also affects low fertility?

hi

Hi

The region got internet not an asbestos factory

@outer shuttle no, that's illegal

guess how the internet typically enters a region that never had it...

Contact support of the game then.

i did with game

Nowadays' probably satelite

but they didnt did something yet

This is very true

Again contact support.

oki

cya

Poor bro, my password didn't work for me in the game. I tried contacting support as much as I could, but they couldn't help. 😔

Hate to break it to you but if you got hacked in a game it's probably your own fault

imagine taking accountability

I wasn't hacked. My password just stopped working. I monitored my account from another account and there was never a connection.

Bro just forgot his password that ended up being a typo the whole time

😭

happens to the best of us

At least it aint that one employee that dropped the database

just one?

Uf, I wish that had been it, but I had my password written down on paper (it was my first account). It also happened in 2022, I don't think anything's going to change.

my fellow Python coder which import you like to use?

`# Import file.
import file

print(file.code())

From import foo.

from file import code

print(code)

Import from a folder.

import folder.file

print(folder.file.code())

From import foo from a folder.

from folder.file import code

print(code())

Import foo with as.

import file as File

print(File.code())

From import foo with as.

from folder.file import code as Code

print(Code())
`

I more prefer in import the module and from import few codes from the same module

i feel like it depends

i always do like

import socket

from socket import AF_INET, AF_INET6
from socket import SOCK_STREAM, SOCK_DGRAM

cuz i dont want to type those keyword out

felt werid

looks more clean

tcp scan is perfect in python

when comes to udp in socket it kinda hard to capture

when i do backend with flask

import flask

Some function from the module.
from flask import render_templates

feels more clean

Python can import like go too. I do this when i was doing pygame

import (
socket,
os,
sys,
time
)

Mlon Eusk

yo wait

Python if they add switch it will be cool

switch is like if but instead can check for mutiple variables to be true it only checks for one

💀

itsnt that the animal wars

lol

george orwell

Hey, is there a command I can use when a situation arises?

what do you mean?

command is just executables

you can create your own scripts to slove that situations and compiled to exe than add into windows variables path

I mean that if, for example, I press W, the command should be executed.

yea

you need keyboard listeners

you can code one in python using pynput

that also sounds like every time you type w, that'll be executed which would be a nightmare

once the key is trigger check the key press what value is it and you can decided what functions with features that you want to run

imagine playing games with this

💀 I know it's a bad idea, it was just an example

Yessir! Had my first shot of tequila too

I'm on my way back to the hotel and gonna go to a bar

Mmm…Now that I think about it, imagine trolling your friend and when he presses W it makes an annoying sound

My friend:

sounds like something a 14 year old would do

It sounds like something a bored teenager would do.*

It's not like I can do much with my limited knowledge.

Isnt that an avg 14 yr old?

lol

honestly no. 14 yrs old are just useless dopamine farming teens.

No

This year I'm haunted by the "job application" meme.

We're now on our way to a bar! 🔥🔥

https://people.com/waymo-exec-reveals-company-uses-operators-in-the-philippines-to-assist-autonomous-vehicles-11900507

Morning

https://www.youtube.com/watch?v=zuD1DH1dXLs

n then for the fallback they said a operator was controlling 😭

it was lag bro.. philippines

USA servers

I'm new to cyber sec

https://tenor.com/view/yoda-star-wars-gif-13483002094524268305

Welcome to the grid

https://tenor.com/view/house-of-the-dragon-rhaenyra-targaryen-emma-darcy-this-is-the-highest-of-treasons-treason-gif-26966183

are you watching HOTD or sum?

No

hack the box coupon code anyone ?

I need friends im a beginner 😭

https://youtube.com/shorts/HPdEEjHEblc?si=6vA1LbDAfrbtFES8

@sturdy thistle ping

@austere sinew ping denied

@austere sinew ping

Moltbook Breach Breakdown: How an Exposed Database Let Anyone Hijack 770,000 AI Agents
Lets goooooooo

https://tenor.com/view/uhm-meeting2-hmm-meeting-hmm-pepe-pepe-meeting-gif-18064240235739253690

Hi

Went to the worst bar known to man and it was great

Even though we were there for an hour

It was the type of bar you'd see biker gang fights in and I had the worst vodka ever

Before I had a tequila shot at the after party and had like zero fluids so yeah and I'm a light weight

I want something with peanut butter now

let's circle back on this

idk if this is the right discord but is html + css better or just js react better

it depends on your usecase

Web design stuff is just nauseatingly disgusting lol

js was made in less than one sprint, so it must be awesome

it sure as hell impressed management

eh like minimalism but also alot functionality

Try both and find out

@scenic maple ping

yeah i also might just use css for static and whatever needs to goto backend etc, js react

is that a good idea?

https://tenor.com/view/cats-ping-pong-gif-12990681

any new bounties?

Back to doing college

U?

good

got CVE-2026-25749 yesterday

How did u find iy

As in recon

asked claude what high risk areas are and then manually read code in each of them

then found

hi

cve on vim?

thats giga peak shit

its revenge for making me google "how to exit vim"

easiest targets are old pieces of software most have forgotten about already

i just used tryhackme, as i was going, it suggested me that my best role would be a red teamer, is that good or bad

way too many people remember vim tho

i think im gonna be a good person as a red teamer lol

evident when you see the vim memes

hey whos vim

never heard of her

her?

how do you know its a her

https://tenor.com/bkc8S.gif

heh

i know

@austere sinew

so far does Fortresses effects the rank

No

alright thanks, at least I'll gain skills

@austere sinew health check

for the fortresses global rank yes, but badge rank no

where is the cat pfp why are you taking a picture of us again?

https://woman.g0bl.in/ its here

I guess I completed the yapping for today

perfect

we might only get top 10 again this year

It looks cool

Fuck cats

https://klipy.com/gifs/jcsoos-2

Good morning general

fuck morning

hehe I solved a few challenges that I could do offline and will be able to submit them in the morning

hopefully we can at least get top 5

top 3 is impossible to do at this point

someone's bed was wet this morning, first letter of his name is e

You mean me?

username *

You mean me?

@supple plume (e)

rabbit hole

Sometimes you just wanna jump off a building

dayun

I'll not die, I'll be deformed (can't walk/cant do anything) then I'll die internally 1000 times a day

what fortress are you hacking ?

jet

wanna collab?

can't find the flag for the dig section even I have all the info

sure

let's do it

I need a little 15 min

then we can do a call or something

if you want

alright I'll set up everything

sure

perfect

brb

I'm bored anyone wanna do something?

hello !

i hate this noob title makes me uncomfortable lol

Get get a higher rank

Solid advice

100%

im just lazy

lol

or a real noob idk

join us with JET

@supple plume I suck in english so far

can i join?

https://tenor.com/view/viserys-targaryen-viserys-hotd-house-of-the-dragon-proposition-gif-7067221962991154443

or u dont welcome noobs

house of the dragon was shit

https://tenor.com/view/f-15-f-15ex-boeing-first-flight-usaf-gif-2606259154709253587

f35

It was funny bc of the uncle niece stuff in it

https://tenor.com/view/su35-sukhoi-gif-22126069

maybe

https://tenor.com/view/f14-tomcat-spin-topgun-f14-tomcat-gif-2156775659953188430

the battles were cool

chat

earth is very not flat

Ye

who is the greatest hacker here

you

and the gov do care about you

@twilit stump

they knocking on my door, tell my mama i love her chat

the only thing i have hacked so far is my neighbour wifi when i was 14

good now host a dns server, and redirect everything to you through a MITM proxy and get their secrets, or even better when they request a file download hijack it with your own exe, -- Chat this is how hackers do it im only saying so you protect yourself --

Guessing the password is not hacking

Me too

it'll be a great conversation

well it is hacking if u can social engineer it 😛

2 minutes and I'll be ready

great

That's not how they do it... Unless it's a targeted attack

Good luck social engineering sqli

there is chatgpt for that

It's literally just some massive but dumb low effort phishing campaigns to install some generic malware (mostly on outdated PCs or smartphones) then get them to a botnet

Which is then used 99% for mining bitcoins

Im back

idk but i feel like most labs teach you outdated stuffs? those old vulns that nobody uses

idk what you meant, but you're wrong

such as

there's ofc, built in dns records you wont be able to change, but you can 100% do alot by just replacing someons DNS, and also if you manage to enable a deep inspection cert, you can decrypt TLS fairely easily

My guy nobody will give you a 0day in a course lmao

yo quick question, am i supposed to put my full legal name in the "Full Name" field so the certs appear as my name and not my random anon username?

eternalblue, older smb versions , samba , etc

your real name

i want that juicy stuffs LOL i guess i will have to find one myself after 70 years of studying

some companies still run legacy systems

you'd want your real name on your diploma too

@tawdry sorrel pspspsp

you'd be suprised lol

Well yeah. I meant how MOST mass malware campaigns operate

damn okay

thx

i work with them occasionally

shit really? lol

meow

would be high end corp too?

I'm ready

wpctl set-volume @DEFAULT_AUDIO_SINK@ 100%+ &>/dev/null

i know a corp still using windows server 2003, and they saying they cannot change it because of cost, but they amount of money they through on it to secure it and basically just "jail" it is crazy

My college which teaches cyber security is still running outdated versions of windows 10. Some of them still on the first build

sudo rm -rf /

grossing in the multimillions, i haven’t seen them

i have a question that always goes through my mind , everyone is telling me to become good with coding first then get into networking , cyber security etc

lmao

im sure u guys are way experienced

is it because they’re working with limited hardware, or are they just lazy

i know coding but to some extent

oh i see

Nah don't follow those stupid ass sequential learning steps

depends what you actually wanna do ?

Learn everything in parrelel or however you like

like just aim at something

networking is something i started actually learning after getting a job

red teaming mostly , i know it is a difficult road but yeah i love the methodology of it

ok knowing networking is actually nice, but i'd say to learn how to operate a shell first, and then miss a round with networking and why not solve some easy codding challs to get your brain working too

(not the fundamentals, those are a given)

red teaming, you'd 100% need to know networking and should know how to code too

If you're starting a new, I think just messing around with operating systems is a good starting point

unpopular opinion i think its good to start with ASM

Then networking, then scripting/programming and so on

im working on a covert network implant

Actually true, because you get a really good base, but idk if anyone is going to stick with it

a mixture of both networking and scripting

like it was paing to shift my mindset to just return data when using python, to understand why i need to return a pointer instead when start working with C

(internal rt development project)

oh i see

after doing the academy assembly module its safe to say even with almost no prio programming background, you can understand what's going on, and after finishing the module you can actually write some ASM

i dont think python is a good pick honestly

The thing is, though, people only get these kinds of questions when they actually start programming. So learning ASM, CPU architectures, memory and all the low level stuff is great at first, but it may not be interesting to a beginner

its what most schools stick with

i went from knowing nothing to actually be able to make a reverse shell with ASM, just from that module alone

im sure if you find ASM intresting then, you're the right person for security, and if you fail big chance you'd get borred along the way in your journey, but just the basics is enough

unless you wanna Oragnisation and architecture ofc

In assembly you're basically moving stuff around in the registers and memory. It's very very tedious, but quite simple actually when you learn it

the lower you go with computers, the simpler it gets

my friend kept telling me assembly will make u a god lol

no its fucking not

C is simpler than python

what is simpler than C?

asm

abstractions are costly

i want you to write me a reverse shell in ASM and have no NULL bytes in your shellcode

Like I find it easier to read assembly in a disassembled binary in IDA pro than reading C or high level code sometimes 😭

do it now

and you got 2 weeks

i promise you its not "simple"

source of this?

source : trust me bro

this just generated by gpt

btw

https://tenor.com/view/get-out-leave-gif-11630809

LMAO

ASM is not simple C is not simple aswell, python yeah a little, but dont compaire the two

https://tenor.com/view/iu-gif-3230492491645038817

nay, you misunderstand

simple in terms of what ?

C as a language is fairly simple, it does not provide many components and abstractions

it sure does

Python on the other hand has many dynamically resolving components

i love how i just asked to learn programming first or get into networking and now we are talking about low level assembly and asm coding

and it has slop as well, as well as python does, but python slop is more sloppy than C slop

which makes it simpler than C

and not the other way around

what makes you think that?

im starting to love this group

more abstractions = simpler how?

Just program in shell code

how is having a literal interpreter simple, lmao

https://giphy.com/gifs/reactiongifs-tyqcJoNjNv0Fq

try writing a lexer function in C, you'd almost be handelign everything almost from scratch, while langs like python they just hand you ready libs

C as a language is fairly simple, it does not provide many components and abstractions

this does not make it simple my guy

What he means is the language architecture is simpler. Not necessarily simple to program in

aah sorry its simpler becase you can do def func() -> bytes

but plot twist you'd still get a UTF encoding return and not actually bytes if you dont do b""

I mean there's less steps between you and the CPU itself

It has nothing to do with ease of programming

now i know that i dont understand shit in programming lol

i'll be on templeOS there's almost no layers between you and the CPU, as i remember he found a way to get ride of linkers too right ?

Really?

actually the perfect guy to talk about langs and CPU and architectue is Petals, but i think he left the server

It doesn't mean you have to use it lol. I'm not making suggestions. I'm making a statement

that man is 200+ IQ or something

i've never used it lol

Yes templeOS is simpler than windows

lets see what's this templeos

holyC could've been what C always should've been

Ah

fast as fuc*k, no slop and does what it needs to do

Ye

That’s unfair on weekend

It's an operating system

yeah i've seen some weird things about it looks like some insane guy made it

Yeah I think he was schizophrenia

it's always those guys that make something no one did and they disappear

He died

oh 🙁

Got hit by a train

that's sad

is it out there

i want to try running it

im sure i wont be able to but ye

simple doesn’t mean easy to write lad, it means minimal and native

No lol it's not usable nor was it meant to be usable

im sure you can get it up and running

“running” for how long exactly is a mystery

You can but it's not like a normal OS

goodluck finding the terminal commands for it i guess

it has docs

is crt.sh dead?

Loads for me

nvm started working just now

My cursor clicks are a little to the right of where it's actually pointing, any fix to this? I'm running Mint, I think cinnamon

NEW MACHINE IN 7 HOURS

MY SKIN ITCHES

What is protocol

A professional Tocol

Season 10 hype

aaayaaay bla bla bla remember

I need it NOW

But

@green kite @muted olive

@meager kernel @cerulean bloom

Too bad

hwewo

Hoi

hru

Happy Birthday

Im good ty hru

I’m good myself

how would one be able to achieve that MVP Trophy i saw ppl post on Linkedin that they received from HTB?

Can someone help, i am trying to complete Introduction to Digital Forensics , first box to connect to is to connect with RDP { Target(s): 10.129.34.139 (ACADEMY-INTDF-VELOCIRAPTOR)

Life Left: 113 minute(s)

RDP to 10.129.34.139 (ACADEMY-INTDF-VELOCIRAPTOR) with user "Administrator" and password "password" } But I can't seem to use RDP to connect to it

my xfreerdp3 command doesnt work as intended it give me this error : {
[23:11:08:610] [40610:00009ea3] [ERROR][com.freerdp.client.x11] - [xf_setup_x11]: failed to open display::0
[23:11:08:610] [40610:00009ea3] [ERROR][com.freerdp.client.x11] - [xf_setup_x11]: Please check that the $DISPLAY environment variable is properly set.
[23:11:08:610] [40610:00009ea3] [ERROR][com.freerdp.core] - [freerdp_connect_begin]: ERRCONNECT_PRE_CONNECT_FAILED [0x00020001]
[23:11:08:610] [40610:00009ea3] [ERROR][com.freerdp.core] - [freerdp_connect_begin]: freerdp_pre_connect failed: CLIENT_STATE_PRECONNECT_PASSED}

Happy birthday

Please check that the $DISPLAY environment variable is properly set

I tried it still aint working

are you using pwnbox?

No i am using my own VM

I dont know bro, have you try using sudo?

i tried for the past hour or so to solve it 🥲 and yes i tried sudo

i might just be a knob tbf

Well I am rdp in to my wm

does my display setting should be something different ?

I dont know depends what ever you changed

use this command:
echo $DISPLAY

do you get output?

:0

then is set up

to what?

Bro I dont even know what OS are you running... you ask me?

lol

parrot OS

ok so Parrot doesnt use Wayland right?

Then I dont know bro

🙁

its ok

I guess you tried without sudo also right?

yes

Can't help you bro sorry

its alright :3

try doing export DISPLAY=0

DOne it already

doesnt work

i tried also 0.0

I once saw someone who solved it by running xfreerdp with sudo

Not sure how

If i do sudo xfreerdp it doesnt work

but if i do sudo xfreerdp3

works

but like i get the errors

Try using rdesktop

Theorically you should never have to use sudo for this

but if your user is not assigned permission properly sudo will help

depends the distro

rdesktop work but still get an error for some resason

I mean if you try all of this and havent reboot the VM i would do it

just in case

aight might try that

Did you remenber if you use echo $DISPLAY before using Export display? and you know export display is tight to that terminal instance right? so you need to use the command on that terminal

i did :3

and what was the output?

the same?

:0

ok so it was fine all along

Are you logged as root?

I need friends 💔

yes

thats the issue bro

xD

Bra

wdym

How did u even think about such a question

Some distros dont allow root to access the display for security reasons

wdym? its a classic

When you are new you want to be root all the time

Then im not benificial for diagnostics

xD

I know a bit about human conditions

Lmafo just needed to restart

but is good now?

yes sir

Coolio

Fucking oath

Well now you know you should be root only when is necessary xD Is better to use sudo for most cases, that's why sudo is for

https://youtu.be/taqnloU9j6Y?si=UdYhQc25fnnrich2

@gork, summarize this for me

nvm, I think I had seen this before

They got arrested and found guilty of breaking and entering despite having the paperwork

tldr: physical pentest, got arrested, then released, lawsuit etc?

yeah, this

Law is just fake the ones in charge never follow them only enforce the ones they want

Bill gates angy at linux users, said we should go f ourselves.

https://giphy.com/gifs/netflix-henry-cavill-the-witcher-geralt-of-rivia-d88tKlampLOqdCOnad

General questions for everyone …best ai you guys personally use etc ? Recommend

Look man, between me and Mr Bill Gates, one of us slipped their own wife antibiotics for an STD he gave her.. and it wasn't me

Thats wild

Everytime i hear about bill, its never about anything good.

I am waiting for a massive discount of HTB academy yearly subscription

I hope I don't die waiting for it

hey everyone. I'm coming from THM. Finished basic lessons and half way through sec analys and pen tester modules.

I was told to check HTB because it is concidered the "next level" from THM.. What would you say the differences are and what is the payment method here?? In THM it is a montly/yearly sub that gives you access to 99% of content. Is there something similar? Thanks!

Unpopular opinion: a general forum like https://forum.hackthebox.com/ should be revived. It's soooo useful to have a "static" place where u can check every doubt you have on a box

Discord is too dynamic

ykwim??

Overall concept of the platforms are similar but you will see different terminology. Boxes instead of Rooms for example.

Active content and Teir0 stuff on Academy are free. After that their are various subscriptions. VIP+ has most content on the labs and Academy has paid.

Difference wise, you can think of academy like more teaching focused rooms and labs as more rooms without a guide but that can be blurry since retired content has write ups and some have guided mode.

Payment wise, similar options to what you see on THM, I imagine. 🙂

I totally get the view I don't think it's happening in the current plans though. Activity really declined over the last several years and lots of scam postings went up. So moderation wise, we spent a lot of time chasing crypto scams and not much else happening outside of some hint begging in box release channels.

As far as a more general form though, 0x00sec did relaunch in the last few months. :D

ohh I see. Yeah I am going through the website first time now. Interesting stuff.. Last question.
Can I connect to the rooms from my own vm's via vpn connection or do rooms etc run on the "pwnbox" elusively?

You can use your own VM with the provided VPN configs. Pwnbox is optional. Academy has a set limited time a day for free users. Labs has a two hour account limit for free.

that about covers all my questions at this time. Thank you very much for taking the time to asnwer! I will finish the basics then on THM and:

https://tenor.com/view/i'll-be-back-terminator-police-station-gif-1102374317952270849

Happy hacking!

hiii guys im looking for a friend with whom i can study

look for a team

#1318239802931286066

how does rewards system work for teams ?

it get split between them or they each take the same reward?

wdym? xD

For the season?

for season

Is individual

so each take the same prize ?

Boxes are not solved as team

are individual

so everything is individual

oh then whats the team option for in the labs?

To be in a team

insert penguin gif

It depends how people want to be about it

each team is different

i know but like the point of a team is each one take part of a project of work so how you do that in HTB CTFs

some teams share flags

other does not

Depends on the individuals of each team

for my love of the game, I'd never do that even to my best friend

the team feature just add all the individual points as team entity

everything is individual as just are alone

People will collaborate as they want to do it

and HTB as nothing to do with that

is up the individuals to decide

thats how it should be

yea true

as I'm learning cybersec, I can't "make it easy" for others with me

"Oh we believe in the same god, look i give you a flag"

God want you to be guru go and try it

.........

Hi could I Dm you for chall Inifinity Bank pls ?

I was offered once (Im not going to speak about details) a bounty for a challenge flag + writeup.... 150$

pay2win

And allegedly the guy who offer the bounty works for the NSA xD

can i dm someone who has good knowledge on prototype pollution, i'm doing some web study, and i could use some help

https://tenor.com/view/house-of-the-dragon-rhaenyra-targaryen-emma-darcy-this-is-the-highest-of-treasons-treason-gif-26966183

@austere sinew

Can someone tell me what the word r*bux is banned here?

cause of too many people wanting hacks for it

possibly because there are many children who come in asking if anyone can hack Ro**ox and increase the r*bux in their account.

that's hilarious

If you're censoring words, please add these too: J b, wrk, schol, Exms, As*ignments

hey I uploaded new stuff to the shell